Select Page

Privacy Policy

Who we are

Our website address is: https://pennaflowercompany.com.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Information Collection, Use, and Sharing

We are the sole owners of the information collected on this site. We only have access to/collect information that you voluntarily give us via email or other direct contact from you. We will not sell or rent this information to anyone. 

We will use your information to respond to you, regarding the reason you contacted us. We will not share your information with any third party outside of our organization, other than as necessary to fulfill your request, e.g., to ship an order.

Unless you ask us not to, we may contact you via email in the future to tell you about specials, new products or services, or changes to this privacy policy. 

Your Access to and Control Over Information 

You may opt out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address or phone number provided on our website:

  • See what data we have about you, if any.
  • Change/correct any data we have about you.
  • Have us delete any data we have about you.
  • Express any concern you have about our use of your data

Orders 

We request information from you on our order form for products, workshops or the like. To buy items like this from us, you must provide contact information (like name and shipping address) and financial information (like credit card number, expiration date). This information is used for billing purposes and to fill your orders. If we have trouble processing an order, we’ll use this information to contact you.

Cookies

We use “cookies” on this site. A cookie is a piece of data stored on a site visitor’s hard drive to help us improve your access to our site and identify repeat visitors to our site. For instance, when we use a cookie to identify you, you would not have to log in a password more than once, thereby saving time while on our site. Cookies can also enable us to track and target the interests of our users to enhance their experience on our site. Usage of a cookie is in no way linked to any personally identifiable information on our site. You can find out more about cookie management and how to delete them from your browsers at Aboutcookies.org.

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Third party cookies

We may also point from our websites to other internet services that do use cookies such as advertisers. Our payment processors, for example, will place cookies as well. This is also the case with multi-media services, and with the links that we post on our social media accounts.

We do not always have control over how long the cookies are saved from non-affiliated companies.

Social Media cookies

We use social media and social networking services to advance our work. These applications require the use of third party service providers. Notably, we have an Instagram page and a YouTube account (the latter of which is solely used for clients.)

Instagram is administered by Facebook, in accordance with Facebook’s Data Policy available here, and is accessible by Instagram users who have already consented to Instagram’s Data Policy. We do not export information on our followers from the Instagram platform.

The YouTube channel is administered by YouTube, in accordance with their privacy policy available here.

We use direct messaging over social media on occasion, when individuals and organizations contact us on Facebook by leaving messages in our Inbox or by sending us Direct Messages on Twitter. We will delete any information as requested by any individual who has reached out to us.

Some of our business partners may use cookies on our site (e.g., advertisers). However, we have no access to or control over these cookies.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

Who we share your data with

We share aggregated demographic information with our partners and advertisers to help us provide the best possible experience on our website. This is not linked to any personal information that can identify any individual person.

We may also use an outside shipping company to ship orders, and a credit card processing company to bill users for goods and services. These companies do not retain, share, store or use personally identifiable information for any secondary purposes beyond filling your order.

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless we provide you with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety.

However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Your contact information

We collect your email address in order to:

  • Send information, respond to inquiries, and/or other requests or questions.
  • Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.

To be in accordance with CANSPAM we agree to the following:

  • NOT use false, or misleading subjects or email addresses.
  • Identify the message as an advertisement in some reasonable way.
  • Include the physical address of our business or site headquarters.
  • Monitor third party email marketing services for compliance, if one is used.
  • Honor opt-out/unsubscribe requests quickly.
  • Allow users to unsubscribe by using the link at the bottom of each email.

If at any time you would like to unsubscribe from receiving future emails, you can

  • Follow the instructions at the bottom of each email, and we will promptly remove you from ALL correspondence.

 

Additional information

How we protect your data

We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. We do not sell private information, and we have implemented a SSL certificate on our site to secure our site for users. 

What data breach procedures we have in place

We will notify the users via email

  • Within 72 hours of breach

And, we will notify the users via in-site notification

  • Within 7 business days

We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.

CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

What third parties we receive data from

It’s also important to note that we allow third party behavioral tracking to help us continuously improve the user experience when they visit our website. This information helps to show us what may be relevant or undesired on our site.

Occasionally, at our discretion, we may also include or offer third party products or services on our website. These third-party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

Google

Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users: https://support.google.com/adwordspolicy/answer/1316548?hl=en

We use Google Analytics on our website.

Google, as a third-party vendor, uses cookies to serve ads linked to our site. Google’s use of the DART cookie enables it to serve ads to our users based on their visit to our site and other sites on the Internet. Users may opt out of the use of the DART cookie by visiting the Google ad and content network privacy policy.

Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising initiative opt-out page or permanently using the Google Analytics Opt-Out Browser add-on.

Other Provisions as Required by Law

Numerous other provisions and/or practices may be required as a result of laws, international treaties, or industry practices. It is up to you to determine what additional practices must be followed and/or what additional disclosures are required. Please take special notice of the California Online Privacy Protection Act (CalOPPA), which is frequently amended and now includes a disclosure requirement for “Do Not Track” signals.

 

California Online Privacy Protection Act

 

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivably the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. – See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA we agree to the following:

Users can visit our site anonymously.

Once this privacy policy is created, we will add a link to it on our homepage, or as a minimum on the first significant page after entering our website.

Our Privacy Policy link includes the word ‘Privacy’ and can be easily be found on the page specified above.

Users will be notified of any privacy policy changes:

  • On our Privacy Policy Page

Users are able to change their personal information:

  • By emailing us at pennaflowercompany@gmail.com

 

If you feel that we are not abiding by this privacy policy, you should contact us immediately via email at pennaflowercompany@gmail.com.

Date of last update to Privacy Policy: December 2020